MAL-2026-1091

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/myproject-bola/MAL-2026-1091.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-1091
Published
2026-02-28T20:25:57Z
Modified
2026-02-28T21:00:18.148260Z
Summary
Malicious code in myproject-bola (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (f85bf2df7a8a311b7140ca4086746ecf3c26b219843b96c1f9f8c22f505e7edc)

Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to autostart, collects some credentials, and also awaits further commands. The code is capable of exfiltrating browser data, files, taking screenshots, recording audio and modifying some system configurations.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-02-isb

Reasons (based on the campaign):

  • infostealer

  • exfiltration-browser-data

  • exfiltration-credentials

  • peristence-autorun

  • rat

  • spyware-like

  • files-exfiltration

  • iritating-computer-activity

Database specific 
{
    "malicious-packages-origins": [
        {
            "import_time": "2026-02-28T20:41:32.300847165Z",
            "source": "kam193",
            "modified_time": "2026-02-28T20:25:57.91926Z",
            "id": "pypi/2026-02-isb/myproject-bola",
            "sha256": "f85bf2df7a8a311b7140ca4086746ecf3c26b219843b96c1f9f8c22f505e7edc",
            "versions": [
                "1.0.0"
            ]
        }
    ]
}
References
Credits

Affected packages

PyPI / myproject-bola

Package

Name
myproject-bola
View open source insights on deps.dev
Purl
pkg:pypi/myproject-bola

Affected ranges

Affected versions

1.*
1.0.0

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/myproject-bola/MAL-2026-1091.json"